STOCK TITAN

OpenText Cybersecurity Nastiest Malware of 2023 Shows Ransomware-as-a-Service Now Primary Business Model

Rhea-AI Impact
(Neutral)
Rhea-AI Sentiment
(Neutral)
Tags
Rhea-AI Summary
OpenText announces the Nastiest Malware of 2023, revealing the rise of ransomware-as-a-service (RaaS) and the decreasing percentage of people who pay ransom. Cl0p tops the list with its high ransom demands, while Black Cat, Akira, Royal, Black Basta, and Lockbit also make their debut.
Positive
  • Ransomware-as-a-service (RaaS) is on the rise, with Cl0p commanding exorbitant ransom demands and contributing to the average ransom payment approaching three quarters of a million dollars.
  • Only 29% of businesses pay ransom, an all-time low, indicating increased seriousness and investment in security.
Negative
  • None.

While average ransomware payments are up, the percentage of people who pay is at an all-time low

WATERLOO, ON, Oct. 25, 2023 /PRNewswire/ -- OpenText (NASDAQ: OTEX), (TSX: OTEX), today announced the Nastiest Malware of 2023, an annual ranking of the year's biggest malware threats. For six consecutive years OpenText Cybersecurity threat intelligence experts have analyzed the threat landscape to determine the most notorious malware trends. Ransomware has been rapidly ascending the ranks, with ransomware-as-a-service (RaaS) now the weapon of choice for cybercriminals.

This year four new ransomware gangs, believed to be the next generation of previous big players, topped the list. Newcomer Cl0p takes the prize for this year's nastiest malware after commanding exorbitant ransom demands with its MOVEit campaign. Cl0p's efforts helped skyrocket the average ransom payment which is rapidly approaching three quarters of a million dollars. Black Cat, Akira, Royal, Black Basta also made their debut, joined by the always present, Lockbit.

"A key finding this year is the RaaS business model is another win for the bad guys. Profit sharing and risk mitigation are top contributors to RaaS success along with the ability to easily evade authorities," said Muhi Majzoub, EVP and Chief Product Officer, OpenText. "There is a silver lining as research shows only 29% of businesses pay ransom, an all-time low. These numbers indicate people are taking threats seriously and investing in security to be in a position where they do not need to pay ransom."

This year's list highlights the tenacity of cybercriminals as they continue to reinvent themselves, coming back stronger each time (often with new names). Their scrappy mentality allows them to go beyond the norm to find new ways to invade their target.

2023 Nastiest Malware

  1. Cl0p, a RaaS platform, became famous following a series of cyberattacks, exploited a zero-day vulnerability in the MOVEit Transfer file software developed by Progress Software. MOVEit victims include such notable organizations as Shell, BBC, and the United States Department of Energy.
  2. Black Cat, recognized in our 2021 Nastiest Malware report, believed to be the successor to REvil ransomware group, has built their RaaS platform on the Rust programming language. They made headlines for taking down MGM Casino Resorts.
  3. Akira, presumed to be a descendant of Conti, primarily targets small to medium sized businesses due to the ease and turnaround time. Most notably, Akira ransomware targeted Cisco VPN products as an attack vector to breach corporate networks, steal, and eventually encrypt data.
  4. Royal, suspected heir to Ryuk, uses Whitehat penetration testing tools to move laterally in an environment to gain control of the entire network. Helping aid in deception is their unique partial encryption approach that allows the threat actor to choose a specific percentage of data in a file to encrypt.
  5. Lockbit 3.0, a main stain on the list and last year's winner, continues to wreak havoc. Now in its third epoch, Lockbit 3.0 is more modular and evasive than its predecessors.
  6. Black Basta is one of the most active RaaS threat actors and is also considered to be yet another descendant of the Conti ransomware group. They have gained a reputation for targeting all types of industries indiscriminately.

To learn more about the findings of this year's Nastiest Malware analysis, visit the OpenText Cybersecurity Community, as well as tune in to our Nastiest Malware Webinar.

About OpenText Cybersecurity

OpenText Cybersecurity provides comprehensive security solutions for companies and partners of all sizes. From prevention, detection and response to recovery, investigation and compliance, our unified/end-to-end platform helps customers build cyber resilience via a holistic security portfolio. Powered by actionable insights from our real-time and contextual threat intelligence, OpenText Cybersecurity customers benefit from high efficacy products, a compliant experience and simplified security to help manage business risk.

About OpenText

OpenText, The Information Company™, enables organizations to gain insight through market leading information management solutions, powered by OpenText Cloud Editions. For more information about OpenText (NASDAQ: OTEX, TSX: OTEX) visit opentext.com.

Connect with us:

OpenText CEO Mark Barrenechea's blog

Twitter | LinkedIn

Certain statements in this press release may contain words considered forward-looking statements or information under applicable securities laws. These statements are based on OpenText's current expectations, estimates, forecasts and projections about the operating environment, economies, and markets in which the company operates. These statements are subject to important assumptions, risks and uncertainties that are difficult to predict, and the actual outcome may be materially different. OpenText's assumptions, although considered reasonable by the company at the date of this press release, may prove to be inaccurate and consequently its actual results could differ materially from the expectations set out herein. For additional information with respect to risks and other factors which could occur, see OpenText's Annual Report on Form 10-K, Quarterly Reports on Form 10-Q and other securities filings with the SEC and other securities regulators. Unless otherwise required by applicable securities laws, OpenText disclaims any intention or obligation to update or revise any forward-looking statements, whether as a result of new information, future events, or otherwise.

Copyright © 2023 OpenText. All Rights Reserved. Trademarks owned by OpenText. One or more patents may cover this product(s). For more information, please visit https://www.opentext.com/patents. Third-party products mentioned are owned by the respective third-party and/or its affiliates.

OTEX-G

 

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/opentext-cybersecurity-nastiest-malware-of-2023-shows-ransomware-as-a-service-now-primary-business-model-301966112.html

SOURCE Open Text Corporation

FAQ

What is the Nastiest Malware of 2023?

The Nastiest Malware of 2023 is a ranking of the year's biggest malware threats, with Cl0p topping the list.

What is ransomware-as-a-service (RaaS)?

Ransomware-as-a-service (RaaS) is a business model where cybercriminals provide ransomware tools and infrastructure to other criminals for a share of the profits.

What is the average ransom payment?

The average ransom payment is rapidly approaching three quarters of a million dollars.

What percentage of businesses pay ransom?

Only 29% of businesses pay ransom, which is an all-time low.

Which organizations were victims of Cl0p ransomware?

Cl0p ransomware targeted notable organizations such as Shell, BBC, and the United States Department of Energy.

What is Lockbit 3.0?

Lockbit 3.0 is a ransomware strain that continues to cause havoc and is more modular and evasive than its predecessors.

What is Black Basta?

Black Basta is an active RaaS threat actor and is considered to be a descendant of the Conti ransomware group, targeting various industries indiscriminately.

Open Text Corp

NASDAQ:OTEX

OTEX Rankings

OTEX Latest News

OTEX Stock Data

7.63B
265.88M
2.1%
78.25%
1.7%
Software - Application
Services-computer Integrated Systems Design
Link
United States of America
ONTARIO CANADA